On 2013-10-09 19:22, Walter Parker wrote:
The big problem with asking the question "Has the NSA required you to add a back door?" is that no small company that wants to say in business can or will say yes (If they do, no one will trust/use the product unless forced themselves). The company will agree/be forced to say no. How does one tell that no from an authentic no?
Exactly. But sometimes you can get the most interesting results out of "silly straight forward" questions. E.g. by carefully analyzing the reactions, or the words that are said - or not said.
Additionally as far as I have figured, the criminal authorities even forbid those companies to talk about things. So the most common official answer is: "We are not allowed to talk about it" (=Yes, we are held hostages by the criminal authorities). If this should be the case, we - the community - could find a solution all together, e.g. by re-incorporating the project in a free country (= not the USA!).
Therefore, once trust is question, the only way to be sure is to do the self review suggested earlier...
Well, yes. But who does? Do you? Me not. Who does then?
However, from my perspective, the code in pfSense is more like to be secure than any commercial, closed source solution. See prior threads about FreeBSD security.
I *hope* that, too. But do I *know*? No. _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
